FireEye published an interesting report on the activity of the APT37 (Reaper) group, most likely affiliated with the North Korean authorities. The conducted analysis of this organization indicates that the group’s scope of operations is constantly expanding. It takes advantage of CVE-2018-4878 zero-day security vulnerabilities or conducts attack using wiper malware (malware type aimed at erasing the content of, e.g., hard drives). The report indicates that the group also carried out precise sociotechnical attacks (spear phishing).
About APT37 activity
Not much is known about the group itself (which is the standard with such organizations linked to state governments). FireEye specialists believe that the actions of this organization were also attributed to such groups as Scarcruft or Group 123. What we know is that its activity concentrates on South Korea, Vietnam, Japan and the Middle East.
Source: FireEye, Group’s scope of activity – APT37 (Reaper): The Overlooked North Korean Actor
—
Do you need cybersecurity solutions for your company – contact us.
